The links below will be updated as the course progresses; materials provided for future lectures should only be considered as a rough guide.

Lecture 1 (18 Sept 2013): Introduction to Cryptographic Protocols.
We discussed some cryptographic protocols, described them using an informal notation, and discussed symbolic and computational attacks on them. We learnt how to model protocols in a small process calculus, using Needham-Schroeder as an example. slides in pdf (some exercises)poly in pdf (some exercises)
(Extra: For more protocols to attack see these slides used in this course)

Lecture 3 (2 Oct 2013): Proofs in the Symbolic Model II
We studied a detailed case study of Web Services Security protocols and their modeling and proofs in the applied pi calculus.
We began to study the complexity of automated verification of protocols in bounded sessions. slides in pdf (some exercises)poly in pdf (some exercises)

Lecture 4 (9 Oct 2013): Proofs in the Symbolic Model III
We studied the decidability of bounded session verification.
We proved the undecidability of secrecy in the applied pi calculus
We studied a security type system for the applied pi calculus, and concluded with some applications of symbolic protocol analysisslides in pdf (some exercises)poly in pdf (some exercises)

Lecture 7 (12 Mar 2014): Computational verification of protocol implementations.
We learnt how to use types to model and verify protocol code in the computational model.
We began a case study of the TLS protocol and its implementation. slides in pdf (some exercises)